There really isn't such a thing as "IP spoofing." This SO post discusses the matter: http://stackoverflow.com/questions/12736872/can-someone-spoof-an-ip-address-to-any-number
On Heroku, there is indeed a special consideration for IP address: they do not behave the way normal Rails apps do. Instead, you'll want to examine this: request.headers['X-Forwarded-For'] I recommend this great gem for this task, which also serves a double purpose of fending off DDOS attacks (which every app should have installed) https://github.com/heroku/rack-timeout Using rack-timeout you can set up pretty much any Rack-level restrictions you want, including a restriction for a specific part of the app to be available only to a whitelisted set of IPs > On Dec 6, 2016, at 5:34 AM, Neil Middleton <[email protected]> wrote: > > This is something you need to do within your app. There's nothing that does > this at the platform level. > Saying that though, IP spoofing is dead easy so I would question the merit of > doing this at all. > > On Tue, 6 Dec 2016, 10:31 Steve Button, <[email protected] > <mailto:[email protected]>> wrote: > Hi, > > Been trying to google for this for a while, and nothing recent + nothing > seems to actually answer the question. > > We have a /admin area within our site, which we would like to restrict to a > certain range of IP addresses (or list of IPs). > > Can this be achieved easily within Heroku? > > Thanks, > > > -- > -- > You received this message because you are subscribed to the Google > Groups "Heroku" group. > > To unsubscribe from this group, send email to > [email protected] > <mailto:heroku%[email protected]> > For more options, visit this group at > http://groups.google.com/group/heroku?hl=en_US?hl=en > <http://groups.google.com/group/heroku?hl=en_US?hl=en> > > --- > You received this message because you are subscribed to the Google Groups > "Heroku Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] > <mailto:[email protected]>. > For more options, visit https://groups.google.com/d/optout > <https://groups.google.com/d/optout>. > > -- > -- > You received this message because you are subscribed to the Google > Groups "Heroku" group. > > To unsubscribe from this group, send email to > [email protected] > For more options, visit this group at > http://groups.google.com/group/heroku?hl=en_US?hl=en > <http://groups.google.com/group/heroku?hl=en_US?hl=en> > > --- > You received this message because you are subscribed to the Google Groups > "Heroku Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] > <mailto:[email protected]>. > For more options, visit https://groups.google.com/d/optout > <https://groups.google.com/d/optout>. ---- Jason Fleetwood-Boldt [email protected] http://www.jasonfleetwoodboldt.com/writing If you'd like to reply by encrypted email you can find my public key on jasonfleetwoodboldt.com <http://jasonfleetwoodboldt.com/> (more about setting GPG: https://gpgtools.org) -- -- You received this message because you are subscribed to the Google Groups "Heroku" group. To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/heroku?hl=en_US?hl=en --- You received this message because you are subscribed to the Google Groups "Heroku Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
